Copyright infringement liability is one of the most publicized and potentially costly legal risks facing online video sites, social networks and other Internet sites which enable and commercialize "user-generated" content. Whether launching, operating, investing in or planning an acquisition of an online business involving user-generated content, there is some risk that such a business could attract copyright infringement lawsuits. New media, social networking, gaming and Internet companies (and venture capital and private equity firms that invest in such companies) are advised to adopt practical strategies for minimizing risk exposure to copyright infringement and other liability arising from user-generated content.

Section 512(c) of the Digital Millennium Copyright Act ("DMCA") provides online service providers with defenses against claims of copyright infringement liability for the infringing acts of end users. Qualifying for eligibility under this "safe harbor" is the most effective strategy for minimizing copyright infringement liability, but failing to qualify for this "safe harbor" does not mean an online service provider is necessarily liable for infringement as other defenses (e.g., fair use) may apply.

To help avoid lawsuits involving user-generated content, here are 10 steps to help online service providers navigate into the safe harbor provided by Section 512(c) of the DMCA:

1. Designate A DMCA Agent With The Copyright Office

Designating an agent to receive notices of claimed copyright infringement with the U.S. Copyright Office is straightforward (mail in/deliver a form which contains identification and contact information) and inexpensive ($80 filing fee). The individual chosen should be knowledgeable about the DMCA procedures. The DMCA imposes brief times to respond to DMCA compliant notices of infringement, so consider also appointing an alternate agent who has been trained and can act in compliance with the DMCA's requirements in the event that the designated agent is temporarily unable to do so.

2. Have A Working DMCA Notification System

Online businesses should include the following information in their websites' publicly available terms of use: (i) name and contact information of a designated agent to receive notifications of claimed infringement and (ii) how and where copyright owners can send DMCA compliant notices of claimed infringement.

3. Have A Reasonable Process For Dealing With DMCA Notices And Terminate Repeat Infringers

Adopt, reasonably implement and inform subscribers of a policy providing that the company may, when appropriate, terminate the accounts of repeat infringers. Create a written policy that sets out clear guidelines for suspending and terminating the accounts of subscribers who infringe on the company's website and include the repeat infringer termination policy in the site's terms of use. The DMCA does not state what "reasonably implemented" means and a variety of procedures for dealing with DMCA compliant notifications are permitted provided the service provider (i) terminates users who repeatedly or blatantly infringe and (ii) does not actively prevent copyright owners from collecting information needed to issue a DMCA compliant notification.

Below are components of a policy that the court in Io Group. v. Veoh Networks recently held to be "reasonably implemented":

  • Respond to each infringement notice within a few days of receipt
  • Issue users a warning for first time upload of infringing content
  • Terminate the account of any user who has previously received a warning if notice is received that user has uploaded infringing content
  • Block and/or disable all content provided by user terminated for repeat infringement
  • Block repeat infringer's email address to prevent establishment of new account under same email address
  • Generate "hash" or digital fingerprint for each video file and use that technology to terminate access to other identical files and prevent additional identical files from being uploaded

4. If A DMCA Compliant Notice Is Received, Quickly Take Down Infringing Content

Establish, implement and document procedures which include (i) consistent and prompt review of all notices of claimed infringement to determine whether such notices "substantially comply" with the informational and procedural requirements of the DMCA and (ii) expeditious removal or denying access to content identified as infringing in any such DMCA compliant notice. Time is of the essence so a removal or disabling of access within 24 hours is best, though a 48-72 hour period may be sufficient.

5. Do Not Turn A Blind Eye To Red Flags Of Obvious Infringement

If there are blatant factors or "red flags" of obvious infringement, expeditiously remove or deny access to such materials. Here are some examples of what might be considered "red flags" of obvious infringement:

  • Copyright notices that are prominently and consistently displayed in the content
  • User statements indicating content is bootlegged or pirated
  • Discussions amongst users on how the online business' service can be used to circumvent copyright law

The DMCA does not impose any obligation on an online service provider to monitor and police its sites for infringing activity. Accordingly, many have criticized the "red flag" test as providing a disincentive for service providers to take technologically reasonable and feasible measures to prevent infringing files from being made available.

6. Consider Using Fingerprinting, Filtering And/Or Other Technology

Myspace, YouTube, Veoh and other top providers of user-generated online content have implemented copyright protection technologies such as digital fingerprinting and content filtering in an effort to block clips containing infringing materials. Though there is debate on the effectiveness of these technologies, given their widespread use and support among top publishers, service providers should strongly consider implementing such technologies as part of a market-based approach for protecting copyright. When implementing any such technology, do so uniformly (i.e., do not discriminate between different sets of content) and consistently in order to steer clear of knowledge by willful blindness.

7. Notify Uploader Of Take Down; If Uploader Files Counternotice, Reinstate Content After 10-Day "Quiet" Waiting Period

In an effort to prevent copyright owners from abusively or mistakenly demanding the removal of non-infringing materials, the DMCA requires online service providers to notify the uploader of a removal of content and provide them with an opportunity to send a counternotice to challenge such removal. Here is how to satisfy this counternotice and reinstatement requirement:

  • Promptly notify in writing the uploader whose content has been eliminated
  • If a counternotice is received from the uploader, forward a copy to sender of the original takedown notice along with a letter indicating that the removed content will be replaced or access to it will be restored in 10 business days unless a notice of court action seeking to restrain the infringing activity is received
  • Unless notice of court action is received, replace removed content or stop blocking access to it within 10-14 business days following receipt of the counternotice. If such notice of court proceeding is received do not repost the content

Service providers are not required to evaluate or determine whether the DMCA complaint was made in good faith or whether the subject content makes fair use of copyright.

8. Content Must Be Stored At The Direction Of The User

Only material residing on a service provider's system or network that is stored at the discretion of a user is eligible for the safe harbor under the DMCA. Recent cases such as Io v. Veoh and UMG Recordings v. Veoh have analyzed this concept of the DMCA and held that performing the following activities, which facilitate user access to material on a service provider's website, does not result in the loss of safe harbor protection: (i) the automated process of encoding files to different formats (such as flash format); (ii) the creation of screenshots; (iii) the automatic creation of smaller chunks of uploaded video files; and (iv) allowing users to access streaming videos and download whole video files. However, a service provider would likely be precluded from safe harbor protection if it actively participates in or supervises the uploading of content, or previews or selects the files before the upload is completed.

9. Right And Ability To Control Infringing Activity

As the DMCA assumes that a service provider has control over its system or network, courts have held that the ability to "control" the infringing activity is something more than the ability to take down or block access to content. The "something more" concept has been found to exist in situations where the service provider (i) previewed content before posting, (ii) edited content descriptions, (iii) gave advice about content, (iv) controlled the content users chose to upload before it was uploaded, or (v) encouraged copyright infringement on its system. Service providers have no obligation to pre-screen any videos their users upload. Courts have held that the monitoring and/or reviewing by a service provider of its website to look for and remove obvious criminal and illegal activities or pornography does not amount to the ability to "control."

10. Do Not Receive A Financial Benefit Directly Attributable To Infringing Activity Within The Company's Control

If an online service provider has the right and ability to control infringing activity, it is eligible for the safe harbor if it does not receive a financial benefit directly attributable to such infringing activity. The "direct financial benefit" issue is complex and necessarily dependent on applicable facts and circumstances. Although this issue still remains to be clarified by the courts, Viacom has made arguments regarding direct financial benefit in its lawsuit against YouTube. To the extent that the Viacom v. YouTube case results in a decision, this issue would be one of the more interesting DMCA legal questions the case addresses.

Goodwin Procter LLP is one of the nation's leading law firms, with a team of 700 attorneys and offices in Boston, Los Angeles, New York, San Diego, San Francisco and Washington, D.C. The firm combines in-depth legal knowledge with practical business experience to deliver innovative solutions to complex legal problems. We provide litigation, corporate law and real estate services to clients ranging from start-up companies to Fortune 500 multinationals, with a focus on matters involving private equity, technology companies, real estate capital markets, financial services, intellectual property and products liability.

This article, which may be considered advertising under the ethical rules of certain jurisdictions, is provided with the understanding that it does not constitute the rendering of legal advice or other professional advice by Goodwin Procter LLP or its attorneys. © 2009 Goodwin Procter LLP. All rights reserved.